Questions on enabling Modern Authentication.

Hi Experts,

One of our customers raised the below query:

If they switch the tenant over to modern auth what happens with:
• New apps that try modern auth first
Their assumption is that these will just switch over to modern auth seamlessly (or invoke MFA, CA, etc)
• Older apps that have modern auth ‘bolted on’ (Office 2013 with patches)
Hoping that these will also fail over seamlessly
• Even older apps that don’t know about modern auth (Office 2010)

They’d hope everything fails back to basic auth, but they're assuming it will stop working?

Finally, the effects of the change on Outlook behaviour are quite important. They’ve seen Outlook pop up asking for authentication and the user name had to be entered in a specific format to continue (AZUREAD\User@Principal.Name).

They need to make this change on a few tenants and they're worried about the larger ones that have many versions of Office deployed in multiple scenarios. The more information they can get the better.

Many thanks in advance.

2 Replies

Enabling Modern auth does nothing with respect to other auth methods, so all clients will continue to work as before. The only difference being that any client capable of (and using) MA will show the new auth UI, or log in the user automatically, depending on the configuration of the tenant/apps.

The AzureAD\UPN format is used with devices joined to Azure AD, which by itself is a different scenario.

best response confirmed by SB V (Brass Contributor)
Solution
If devices are domain joined with Azure AD sync for the users set up, the experience is seamless. If they are Azure joined it gets more complicated and you will get the user prompt, which is a pain point because you usually have to get it to error out to click the “sign in with another account”, then use the same format to get it to take. For whatever reason, just typing in the password with the existing login, which is displayed correctly, doesn’t always work.